john.nelson@teradyne.com
2007-Oct-26 14:12 UTC
[Samba] Change in group membership behavior?
Maybe this is old news, but we've just upgraded from Samba 3.0.7-1.3E.1 on Redhat Linux 3 to 3.0.10-1.4E.11 on Redhat Linux 4, and we're seeing a significant change in behavior that has broken our environment. We use "security=domain". With the earlier version of Samba, we were relying on the fact that Samba would get the list of groups from the mapped unix account (after authenticating a domain user). Now, it seems to be trying to map the Windows domain account groups (and in particular, the primary group). For example, users who have a primary group of "Domain Users" are now failing to create new files (with the group "OURDOMAIN\Domain Users"), when before, they could create files owned by the unix account's primary group. We don't support a unix group "Domain Users", and this isn't the group owner of the directory we are trying to modify. Is this a known change in Samba behavior? Is there any way to revert to the old behavior (use the unix account's groups)? - john nelson
Reasonably Related Threads
Wisdom of the Ancients
